Cisco PIX to Linksys VPN router- Can this be done?

Discussion in 'Networking Issues' started by sbnet, Jun 14, 2005.

  1. sbnet

    sbnet Network Guru Member

    Has anyone ever successfully connected a Linksys VPN router to a Cisco PIX
    firewall? I have a BEFSX41 that I wanted to connect to my office PIX. Everything
    I tried has failed. I have been looking for some time now on a solution, but
    more so I have found that this may in fact not work at all. From what I have
    read on the Cisco.com forums no one has been able to make a tunnel. Yet, Linksys
    does state the opposite, that in fact this router should be able to make a
    connection.

    Any help would be very appreciated
     
  2. DevilStick

    DevilStick Network Guru Member

    How did you set up your PIX? Manually or using the VPN wizard? Have you created a user account for PPTP? You cannot use the ones that are defined with 'username xxxx ...'

    You must have a line like:

    vpdn username DevilStick password *****

    Here my whole PPTP definition:

    vpdn group PPTP-VPDN-GROUP accept dialin pptp
    vpdn group PPTP-VPDN-GROUP ppp authentication mschap
    vpdn group PPTP-VPDN-GROUP ppp encryption mppe auto
    vpdn group PPTP-VPDN-GROUP client configuration address local vpn-pool
    vpdn group PPTP-VPDN-GROUP client configuration dns xxx.xxx.xxx.xxx
    vpdn group PPTP-VPDN-GROUP pptp echo 60
    vpdn group PPTP-VPDN-GROUP client authentication local
    vpdn username DevilStick password *****
    vpdn enable outside

    The config above is just for windows client. What authentication uses the linksys? PAP, CHAP, MSCHAP?

    You should also have a look in the logs. Maybe you can find there any hint why your connection fails:

    #enable
    # conf t
    (config)# logging on
    (config)# logging buffered debug
    (config)# debug crypto vpnclient
    (config)# exit
    # show logging

    Make a connection and use 'show logging to view log buffer. Whan you have a console cable, you can directly log to console.
     
  3. sbnet

    sbnet Network Guru Member

    I am not looking to do a "dial" in VPN connection, I can already do that with either MS PPTP client or the Cisco client. What I am looking for is to connect the Linksys VPN endpoint to a PIX. According to Linksys, this router should act as a VPN endpoint. But it seems only one person has been able to do that, but they did not post the config. I found this on the Cisco.com forum, but the post was several years old.
     
  4. DevilStick

    DevilStick Network Guru Member

    Hmmm, so you want a site-to-site PPTP connection between PIX and linksys. Don't know whether this works.
    When using VPN wizard and selecting site-to-site vpn, you do not have any more the chance to chose between ipsec, l2tp and pptp.

    I did not find any manual or url for this configuration, either. Only PPTP as remote access. If your linksys router could behave like a client, you should be able to configure site-to-side vpn.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice